<?php
defined('SEJUJOPEFDNGJSL') or exit('Access denied');



if($_POST['act']=='resetpwd'){
		
		$did=$_POST['did'];
		$oldpwd=trim($_POST['oldpwd']);
		$newpwd=trim($_POST['newpwd']);

		if(empty($did)) show_automsg('数据丢失无法提交',YMCURL.'controllist',1);

		$p=chkpwd(array($oldpwd,$newpwd),1);
			if($p!='true'){
				show_automsg($p,$GLOBALARR['curl'],1);
			}
		$db->query('select * from ld_user where uid='.$did,2);
		if(empty($db->rs)){
			show_automsg('找不到此管理！',YMCURL.'controllist',1);
		}else{
			$pwd=$db->rs["password"];
			if(getpwd($oldpwd) != $pwd){
				show_automsg('旧密码错误！',YMCURL.'controllist&did='.$did,1);
			}
			$password = getpwd($newpwd);
		}

		$db->sitedbexec("update ld_user set password='$password' where uid=$did");
		record_log('修改我的管理密码'.$uname);
		show_automsg('修改成功！',YMCURL.'controllist');
}
if(!empty($_GET['did'])){
	$did=getnums($_GET['did'],0);
}else{
	$did = $r['uid'];
}
$db->query('select * from ld_user where uid='.$did,2);
if(empty($db->rs)){
	show_automsg('找不到此管理！',YMCURL.'controllist',1);
}
$role=$db->rs['role'];
echo '<h3>管理密码修改</h3>';
echo '<div class="main-r-body"><form method="post" action="'.geturl().'">
		<div class="main-r-item"><input type="submit" class="thabtn" value="修改"></div>
		<input type="hidden" name="act" value="resetpwd"><input type="hidden" name="did" value="'.$db->rs['uid'].'">';
echo '<table class="tregtab ttab">';

echo '	<tr>
			<td class="wdb20 alignr paddingr">旧密码</td>
			<td class="alignl paddingl"><input type="password" name="oldpwd" value="" class="thconfig wd400"> </td>
		</tr>';	
echo '	<tr>
			<td class="wdb20 alignr paddingr">新密码</td>
			<td class="alignl paddingl"><input type="password" name="newpwd" value="" class="thconfig wd400"> </td>
		</tr>';			

echo '</table>';
echo '</form></div>';		

?>